Solving the GDPR’s 10 Toughest Problems